After posts explaining general website optimization in terms of finding the problems and bottlenecks, eliminating multiple redirects, implementing caching and compression, the subject of this post is specially related to WordPress websites, something that can drastically affect website speed and stability – WordPress plugins. First I will explain the function and importance of plugins, then what to look (out) for when choosing a plugin, finished with a list of plugins that I use and for which I think that are good (each for their intended use).
1. What are WordPress plugins?
2. What to look (out) for when choosing a plugin
…2.1. Free and plugins that are paid for
3. Plugins that I’m using and recommending
…3.1. Safety, anti-spam, image protection etc.
…3.2. Speed related plugins (caching etc.)
…3.5. Website navigation
…3.6. SEO (Search Engine Optimization)
1. What are WordPress plugins?
WordPress comes with some basic functions, well suited for writing and publishing blogs on-line. Depending on the chosen Theme, some additional functions are added (some themes allow website to look good on mobile phones, some allow making customized menus etc.). I won’t go into theme types and functionality, just to note that BikeGremlin uses GeneratePress theme, for speed and compatibility with most plugins (with a bit more difficult design customization, especially with the free version). This was important for me, because my site is based on providing information, not on attractive design that can be distracting in my opinion.
To get back to plugins – they are a sort of “small applications” written in PHP, that allow for additional functionality. Whether that is site security and spam protection, or adding social network sharing icons – for any function you can imagine, there is an appropriate plugin.
Of course, no one prevents you from editing theme, or WordPress code in order to achieve desired functionality. However, this approach has two downsides:
- Even if you know how, it takes a lot of time to write and test code yourself.
- In case of any changes/updates, it is more practical to have a “separated” code in the form of a plugin, that can relatively easily be edited, or uninstalled and changed for another plugin.
Well chosen plugins avoid all the complications and allow adding desired functionality by just clicking “install” and “activate”. OK, some plugins have their own menus with options. They are usually easy to understand written in “plain English”.
2. What to look (out) for when choosing a plugin
Firstly, look at the general info that is placed in the right side of the plugin info page.
- Last updated – if the info says a year, or more, it is probably a plugin who’s maker had stopped development. That means it might not work with new WordPress updates, or could have some security “holes” that hackers could exploit.
- Active installations – how many people have installed and tried the plugin. If the number is over 50,000, it means enough people have tried it and user reviews (later on that) will most probably contain statistically valid data and problem reports.
- WordPress version – the oldest WordPress version that the plugin works with. If your WordPress version is older, it is advised to update it (the WordPress) anyway, unless there is a very good reason not to.
- Tested up to – the latest WordPress version that the plugin has been tested with. It is best if this is the latest published WordPress version.
- PHP version – some plugins require a minimum PHP version to run. Check with your server what you’ve got to know whether the plugin will work.
Next are the user reviews, right below the basic info. Picture 2.
It is preferable for a plugin to have at least 200 reviews. This gives an objective view of the plugins’ quality, even if the author asks all their friends and family to rate them with 5 stars. 🙂
Important: when you multiply the number of 5-star ratings with 100 (add two zeros at the end) – the number you get should not exceed the total number of plugin installs. If it does, the 5-star reviews are most probably fake!
An exception to that are the plugins with “5 million installs” – WordPress doesn’t show the number over 5 million, it just shows “5+ million,” even if a plugin has 20 million installations. So, in that case, the number of 5-star reviews multiplied by 100 may exceed 5 million.
A great article by Raitis Sevelis with a WordPress.Org Plugin Review Analysis.
There will always be people trashing the plugin/author, often from their own ignorance, or too high expectations, but if the percentage of marks below 4 and 5 is over 10%, you should be careful. If the percentage of low marks (1, 2 and 3) is over 20%, it is most probably a problematic plugin.
Next come Issues resolved in last two months– it is best when authors resolve a vast majority of reported issues.
You can also read comments for bad marks (sometimes with author’s reply) and View support forum to check support and troubleshooting service.
Website with a list of found vulnerabilities of WordPress plugins: WPscan vulnerability database. There you can search for plugins you (intend to) use and see if they have any un-patched vulnerabilities.
2.1. Free and plugins that are paid for
Most plugins are free, or allow many functions without paying (“upgrading”).
Main advantage of paid plugins is prompt and real customer support (at least for the good ones).
Many free plugins ask for paying in order to get full functionality. However, you might be well served with the options that come with the free version. Free vs paid functionality differences are usually written in the plugin’s Description.
When choosing a plugin, don’t think that expensive ones (or paid ones in general) are better. Pay attention to the things I’ve previously explained and ask around if friends can make recommendations. Likewise, don’t be “penny wise, pound foolish” – if there’s no free plugin of good quality for functionality that you need, it is better to pay. Time and nerves are the most precious.
3. Plugins that I’m using and recommending
Update, July 2022:
Here’s a list of WordPress plugins I’m using on my website. I think there’s no more honest recommendation than that. I’m keeping the list below as a reminder, and because the comments on the listed plugins can help people.
Here I’ll provide a list of plugins that I’m using and am happy with, sorted by the types of functions they perform. With a short comment for each comment. Clicking on a plugin image takes you to it’s info and download page on wordpress.org website.
Before installing a new plugin, it is best to backup the website, so that in worst case scenario, all can be brought back the way it was. Seriously. Back-up. I’m not taking any responsibility if one of the recommended plugins crashes your website – I have no idea what kind of server you are using, was your WordPress customized and how etc. Take it for what it is – the plugins have worked for me, many on two different hostings and for a few different websites (it’s not much, but it’s not nothing).
All the listed plugins provide good functionality in their free version.
3.1. Safety, anti-spam, image protection etc.
Anti-spam plugin, as the name says. For me, a combination of comment moderation (for trolls) and Google Captcha bot protection have proven to be more effective, but this is a good addition to that, for those that “slip” through.
Update 2022: how I solved the WordPress comment spam problem.
Caution – some people have experienced problems with uninstalling some BestWebSoft plugins, or their control panel that gets installed in the WordPress menu panel. It has worked fine for me though. What does it do? It enables visitors to send e-mails to the author, without author’s e-mail being publicly displayed. In addition, there’s an option of including Google Captcha anti-spam and anti-bot protection. This has solved e-mail spamming for me.
Similar to previous plugin, but for comment section protection from spam and bots. Spam protection is not just for reducing the number of annoying messages. It also protects your email and domain reputation. Because spamers often use various links (and viruses) in their messages. They also often use non-existent email addresses, so your mail server will be sending hundreds of emails (comment author notifications, registration confirmations etc.) to non-existent recipients, which could result in you getting on a spamer black-list, without any fault of your own… except for not being careful and knowledgeable about how the Internet works nowadays.
How to configure the reCaptcha plugin
Plugin for placing watermark stamps on your website images. It can watermark all the previously uploaded images and new images as they are uploaded. It’s quicker than manually watermarking images before uploading them to the website. Additionally it can protect images from being right-clicked and saved from a website page. It requires PHP extension “imagick” to be enabled/installed to run properly.
Update 24. 2. 2019: plugin makes problems when watermarking .png images. WordPress 5.1 and PHP 7.2. This plugin definitely needs an update – I can no longer recommend it (for now).
Update 26. 2. 2019: only four days after reporting the above noted problem on the plugin’s support forum, the problem is fixed. Again, I can recommend this plugin. 🙂
Plugins that should be installed first, right after the site setup – before it is too late. Not a substitute for good host-server protection, but it helps.
It is a good idea to turn off “Enable live traffic logging” in plugin’s options, for greater speed. Same goes for the automatic scan option.
How to configure WordFence
Update 11. 2. 2019: because of moving to a LiteSpeed hosting server, I’ve switched to LiteSpeed caching plugin. This plugin also does database optimizations, so I no longer use WP-Optimize (listed right below).
This plugin optimizes WodrPress MySQL database at a click of a button. It can delete extra post drafts (previous versions) and sort the database tables for quick and efficient searching. LiteSpeed cache plugin replaces this one, since it has a DB optimization tool as well.
How often should you backup? Backup time can be as long as the amount of data/changes you are fine with loosing. Murphy’s law says the problem will occur just a second before the next scheduled backup. Also, anything that you don’t have backed up in at least two different copies is not considered safe. Probability of a problem happening at the same time with two different copies, placed in two separate places is negligible.
Backup plugin that allows direct backup to DropBox (affiliate link), Google Drive etc. It can make a .zip archive of the entire website, along with exported database backup, for quick and easy download and save to a hard disk.
Update 2022: Of course, it’s best to configure backups on the server level, instead of trying to use a WordPress plugin to back up the whole WordPress.
A list of website backup solutions
WordPress can cause problems with e-mail forwarding. I had to use a plugin to set them up and this one works fine. Set up is not too complicated.
3.5. Website navigation
Plugins that help users navigate the website.
Customization of user login and logout screens. I didn’t want users seeing WordPress logo when they choose to log in, or log out – it “feels” as if you’ve left the site somehow, at least to me. This plugin allows to easily insert your logo, background images, customizing screen fonts, Google Captcha bot protection etc. That way when visitors click “log in”, it shows page design that reflects your site, whichever way you like it.
Easy creation of post lists. I’ve made a list of all the published posts sorted by post category. This allows an easy and quick overview of the site’s contents.
While listing related posts at the end of each post can be done manually, inserting them in a sidebar widget, so they are different for each post is difficult. Related posts plugins create these lists automatically and allow placing them in a widget as well. Some allow manual editing/changing of related posts recommendations for each post. This is good to help users navigate. Still, a big downside of practically all such plugins is they put load on the server and slow the site down, significantly. Bibblio differs, since everything is done on their servers (where an account needs to be made). Downsides? No manual changing of related post recommendations and a limit of 25,000 free recommendation displays – after that you need to pay. OK for smaller websites with not too many visits. It has pretty good algorithm for recognizing posts that really have related content. However, I’ve decided to not use this plugin (nor any similar) and do all of the linking manually. Well designed menus and organized site content, with links to relevant posts within the text should be enough for easy navigation. No need for cluttering the screen.
Simply create an archive (list) of all the published posts, sorted per your liking.
Allows visitors who post comments to subscribe for e-mail notification of comment replies.
Instead of a long post list having just “next” and “previous” screen links, this plugin shows a numbered and clickable list of pages.
3.6. SEO (Search Engine Optimization)
In a separate post I explained what SEO is.
Update: for the time being, I would not recommend this plugin – but using The Seo Framework instead. For the details, see the post: Yoast SEO vs The SEO Framework.
Plugin that helps optimize website for search engines (Google and the likes). Write a few posts (or open a few old posts) and see what Yoast has to say. It will tell if you are doing things that can confuse search engines. After you’ve learned (if you didn’t know already) how not to confuse Google, you can switch off all the suggestions from the Yoast menu, leaving it just to make and update .xml website maps. This will provide search engines with up to date site-maps.
In addition to this, Yoast SEO allows to quickly and simply write meta tag page descriptions.
So, a better choice for SEO (the one I choose at least) would be:
To not take up too much space in this article, I’ll refer readers to my other article: The SEO Framework (TSF) review.
Set icons for sharing a post on social networks. Showing share counts significantly slows page load speed. Probably among the fastest plugins for this task. If it’s not necessary, or often used by visitors, it can be removed in my opinion. I’m sticking with this one for now. Sassy Social Share is responsive, scales well on both desktop and smartphone displays.
Update 2022: In my experience, 99.99% of people don’t use social icons for sharing article links, so it makes no sense to put these on your website.
After weighing all the pros and cons, and based on the preliminary results of my AMP case study, I’ve decided to ditch AMP.
Page load time graph before and after optimization:
I hope this helps anyone at least a bit when looking for plugins for their website. Comments, critiques, personal experiences etc. are more than welcome.
– Relja Optimizer Novović
- Website optimization  Measuring “performance”
- Website optimization  DNS and redirects
- Website optimization  Caching and compressing
- Website optimization  WordPress plugins – speed and stability
- Website optimization  Images – pictures
- Website optimization  SEO
- Website optimization  Permalink change
- Caching a WordPress website
- Hosting server location impact on website speed